CVE-2024-0447 Information

Description

The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the artibot_update function in all versions up to and including 1.1.6. This makes it possible for authenticated attackers with subscriber-level access and above to update plugin settings.

Reference

https://www.wordfence.com/threat-intel/vulnerabilities/id/848f36de-c62a-45ee-b259-46dab73e4439?source=cve https://plugins.trac.wordpress.org/browser/artibot/trunk/artibot.php#L60